Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Eclipse Subscribe
Total 141 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-34433 1 Eclipse 1 Californium 2021-08-26 5.0 MEDIUM 7.5 HIGH
In Eclipse Californium version 2.0.0 to 2.6.4 and 3.0.0-M1 to 3.0.0-M3, the certificate based (x509 and RPK) DTLS handshakes accidentally succeeds without verifying the server side's signature on the client side, if that signature is not included in the server's ServerKeyExchange.
CVE-2021-34432 1 Eclipse 1 Mosquitto 2021-08-17 5.0 MEDIUM 7.5 HIGH
In Eclipse Mosquitto versions 2.07 and earlier, the server will crash if the client tries to send a PUBLISH packet with topic length = 0.
CVE-2019-17640 1 Eclipse 1 Vert.x 2021-08-06 7.5 HIGH 9.8 CRITICAL
In Eclipse Vert.x 3.4.x up to 3.9.4, 4.0.0.milestone1, 4.0.0.milestone2, 4.0.0.milestone3, 4.0.0.milestone4, 4.0.0.milestone5, 4.0.0.Beta1, 4.0.0.Beta2, and 4.0.0.Beta3, StaticHandler doesn't correctly processes back slashes on Windows Operating systems, allowing, escape the webroot folder to the current working directory.
CVE-2021-34431 1 Eclipse 1 Mosquitto 2021-08-03 4.0 MEDIUM 6.5 MEDIUM
In Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client that had connected with MQTT v5 sent a crafted CONNECT message to the broker a memory leak would occur, which could be used to provide a DoS attack against the broker.
CVE-2019-18213 3 Eclipse, Theia Xml Extension Project, Xml Language Server Project 3 Wild Web Developer, Theia Xml Extension, Xml Server Project 2021-07-21 6.5 MEDIUM 8.8 HIGH
XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF (as well as SMB connection initiation that can lead to NetNTLM challenge/response capture for password cracking). This occurs in extensions/contentmodel/participants/diagnostics/LSPXMLParserConfiguration.java.
CVE-2017-7656 2 Debian, Eclipse 2 Debian Linux, Jetty 2021-07-20 5.0 MEDIUM 7.5 HIGH
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.9 is handled poorly. An HTTP/1 style request line (i.e. method space URI space version) that declares a version of HTTP/0.9 was accepted and treated as a 0.9 request. If deployed behind an intermediary that also accepted and passed through the 0.9 version (but did not act on it), then the response sent could be interpreted by the intermediary as HTTP/1 headers. This could be used to poison the cache if the server allowed the origin client to generate arbitrary content in the response.
CVE-2017-7658 5 Debian, Eclipse, Hp and 2 more 20 Debian Linux, Jetty, Xp P9000 and 17 more 2021-07-20 7.5 HIGH 9.8 CRITICAL
In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.
CVE-2017-7657 5 Debian, Eclipse, Hp and 2 more 18 Debian Linux, Jetty, Xp P9000 and 15 more 2021-07-20 7.5 HIGH 9.8 CRITICAL
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.
CVE-2021-34430 1 Eclipse 1 Tinydtls 2021-07-12 5.0 MEDIUM 7.5 HIGH
Eclipse TinyDTLS through 0.9-rc1 relies on the rand function in the C library, which makes it easier for remote attackers to compute the master key and then decrypt DTLS traffic.
CVE-2019-17638 1 Eclipse 1 Jetty 2021-06-14 7.5 HIGH 9.4 CRITICAL
In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to the ByteBufferPool twice. Because of this double release, two threads can acquire the same ByteBuffer from the pool and while thread1 is about to use the ByteBuffer to write response1 data, thread2 fills the ByteBuffer with other data. Thread1 then proceeds to write the buffer that now contains different data. This results in client1, which issued request1 seeing data from another request or response which could contain sensitive data belonging to client2 (HTTP session ids, authentication credentials, etc.). If the Jetty version cannot be upgraded, the vulnerability can be significantly reduced by configuring a responseHeaderSize significantly larger than the requestHeaderSize (12KB responseHeaderSize and 8KB requestHeaderSize).
CVE-2019-17632 1 Eclipse 1 Jetty 2021-06-14 4.3 MEDIUM 6.1 MEDIUM
In Eclipse Jetty versions 9.4.21.v20190926, 9.4.22.v20191022, and 9.4.23.v20191118, the generation of default unhandled Error response content (in text/html and text/json Content-Type) does not escape Exception messages in stacktraces included in error output.
CVE-2019-10246 4 Eclipse, Microsoft, Netapp and 1 more 26 Jetty, Windows, Element and 23 more 2021-06-14 5.0 MEDIUM 5.3 MEDIUM
In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information reveal is restricted to only the content in the configured base resource directories.
CVE-2014-9390 6 Apple, Eclipse, Git-scm and 3 more 8 Mac Os X, Xcode, Egit and 5 more 2021-05-17 7.5 HIGH 9.8 CRITICAL
Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before 08-12-2014; and JGit all versions before 08-12-2014 allow remote Git servers to execute arbitrary commands via a tree containing a crafted .git/config file with (1) an ignorable Unicode codepoint, (2) a git~1/config representation, or (3) mixed case that is improperly handled on a case-insensitive filesystem.
CVE-2018-12536 2 Eclipse, Oracle 2 Jetty, Retail Xstore Point Of Service 2021-05-14 5.0 MEDIUM 5.3 MEDIUM
In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can trigger a java.nio.file.InvalidPathException which includes the full path to the base resource directory that the DefaultServlet and/or webapp is using. If this InvalidPathException is then handled by the default Error Handler, the InvalidPathException message is included in the error response, revealing the full server path to the requesting system.
CVE-2021-28167 1 Eclipse 1 Openj9 2021-04-27 6.4 MEDIUM 6.5 MEDIUM
In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect.ConstantPool API causes the JVM in some cases to pre-resolve certain constant pool entries. This allows a user to call static methods or access static members without running the class initialization method, and may allow a user to observe uninitialized values.
CVE-2021-28166 1 Eclipse 1 Mosquitto 2021-04-13 4.0 MEDIUM 6.5 MEDIUM
In Eclipse Mosquitto version 2.0.0 to 2.0.9, if an authenticated client that had connected with MQTT v5 sent a crafted CONNACK message to the broker, a NULL pointer dereference would occur.
CVE-2020-27224 1 Eclipse 1 Theia 2021-03-25 9.3 HIGH 9.6 CRITICAL
In Eclipse Theia versions up to and including 1.2.0, the Markdown Preview (@theia/preview), can be exploited to execute arbitrary code.
CVE-2021-28161 1 Eclipse 1 Theia 2021-03-18 4.3 MEDIUM 6.1 MEDIUM
In Eclipse Theia versions up to and including 1.8.0, in the debug console there is no HTML escaping, so arbitrary Javascript code can be injected.
CVE-2021-28162 1 Eclipse 1 Theia 2021-03-18 4.3 MEDIUM 6.1 MEDIUM
In Eclipse Theia versions up to and including 0.16.0, in the notification messages there is no HTML escaping, so Javascript code can run.
CVE-2020-27225 1 Eclipse 1 Platform 2021-03-18 4.6 MEDIUM 7.8 HIGH
In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform process.